The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

This innovative education and training program includes the following key elements:

An introduction to the key components of the NIST Cybersecurity Framework

How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy

An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications

How to use the framework to protect critical information assets

A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program

A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

The class will help individuals and organizations acquire knowledge, skills and abilities to:

Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment

Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework

Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed

Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps

Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps

Identify required workforce skills and develop career pathways for improving skills and experience

About the Instructor – Larry Wilson:

Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017

Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation

Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years

Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

In today’s world not knowing how your company will respond when it has a breach is negligent. The last thing you want to do is be caught unprepared when the highly likely, but always untimely, event occurs. Businesses of all sizes need to have an incident response plan! Do you? Do you know where to start? If not, this session is for you. In Part 1 of our session will focus on building basic prevention and monitoring capabilities in order to detect incidents. In Part 2 we will focus on building the appropriate incident response plan for your company. Part 3 we will focus on putting the plan in action and building resiliency.

Ninety-five percent of all cyber-attacks are human enabled. Organizations continue to fail at addressing human factors in cybersecurity due to a lack of education and appreciation for human factors as a science. With the increasing spending on technology to safeguard organizations’ critical networks, systems, and data, cybercriminals are circumventing defense-in-depth architectures to target humans, the weakest link. An existing fallacy is that technology will prevent data breaches, ransomware attacks, or cyber-attacks. In fact, integrating new technology creates unintended consequences that increase vulnerabilities. These technologically-induced vulnerabilities are human-enabled highlighting a lack of appreciation for human factors in cybersecurity–let’s reduce human-enable errors

8:30 am

Fortifying Your Enterprise in a Changing Security and Privacy Landscape

Recent multi-million dollar sanctions for data breaches show that businesses cannot afford to be lax on privacy and security. However, the latest Internet Society studies have found that for many companies, these safeguards are severely lacking. What may start as a simple oversight can soon manifest into a potential security and financial nightmare for businesses. Embracing best practices when safeguarding user data is critical for companies to not only retain customers, but to protect themselves from the growing legal liability they could face.Presentation Level: GENERAL (InfoSec best practices, trends, solutions, etc.)

Examine some of the data exposure incidents over the past two years as a result of the misconfiguration of cloud resources, including recent data exposures. Will look at the specific nature of cloud misconfiguration issues, examine the areas of responsibility between cloud providers and their customers, and will offer a number of high-level suggestions on how to prevent or avoid such issues as organizations adopt cloud computing in their businesses.Presentation Level:
GENERAL (InfoSec best practices, trends, solutions, etc.)

The average loss from a bank robbery is about $3,000. The average loss from a successful Business Email Compromise (BEC) attack is nearly $130,000. That kind of math explains why BEC is rampant, and every type of organization is at risk. During this presentation, hear from the point person on BEC cases investigated by the U.S. Secret Service. He’ll share true crime examples of and practical steps for defense against BEC losses, which now stand at $13.5 billion in the last six years.

10:15 am

Conference Break / Exhibitor Product Demonstration

Registration Level:

Open Sessions

10:15 am - 11:15 am

Location / Room: SecureWorld Exhibitor Floor

Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

10:15 am

Mark Gelhardt Book Signing in the CyberLounge on the Exhibitor Floor

Quantities are limited and will be distributed on a first-come, first-served basis.

Mark Gelhardt will be signing copies of his book, “My Time at The Clinton White House.”Find him in the CyberLounge on the Exhibitor Floor at the following times:
10:15 a.m. – 12:00 p.m.
1:00-1:15 p.m.
BOOK SYNOPSIS:Colonel Mark Gelhardt had an atypical military career that landed him in The White House next to the President of the United States, where he was responsible for the last link of communications between the President and the rest of the U.S. government. While a Lieutenant Colonel (LTC) in the Army, Mark was selected by top federal officials to be the Commander of the Data Systems Unit, as part of the White House Communications Agency. In this position, he supported the President as the Chief Information Officer (CIO) for all classified IT used by The White House. LTC Gelhardt served at the White House for over four years (1995-1999), working with President Clinton and his staff almost every day, both on the White House grounds and traveling worldwide. This gave him unfettered access to the inner workings of The White House and the Presidency. Since retiring from the Army in 2001, Mark has been asked by many people about his time at The White House. Mark has many stories about what happened behind closed doors, and proudly speaks about the outstanding support done by the fantastic military members that support the Commander-in-Chief. Mark has taken the time to chronicle his experiences about his day-to-day job at The White House, as well as some of the funny stories he picked up along the way. Please enjoy this non-political book with surprising behind-the-scenes stories. I hope they provide you with some insight to the wonderful military members that work so hard to keep you safe every day in support the of President and Commander-in-Chief.

Join us to continue to hone in the skill of reducing the fragmented efforts of digital, strategic, and operational risk management. Frameworks, methodologies, and controls are essential, but they are just not enough in a digital-native, disruptive-intensive society.Presentation Level:MANAGERIAL (security and business leaders)

11:15 am

Privacy Impact Assessments and Emerging Technologies

Registration Level:

Open Sessions

11:15 am - 12:00 pm

Privacy laws and regulations continue to evolve rapidly in the U.S. at the federal and state levels. Combined with the European Union GDPR, these emerging standards underline the need for businesses to manage data as a regulated asset. The risks are heightened when developing or implementing emerging technologies, such as artificial intelligence, blockchain and biometric technologies. A key part of governance, both to reduce risk and to enable new innovations, is to perform impact assessments when implementing new technologies into the business, and as part of any new product development or innovation operations. This presentation will focus on privacy regulatory issues associated with emerging technologies, trends in structuring impact assessments, approaches to and objectives of PIAs, and ways in which to integrate PIA processes into the business.

Security awareness is often viewed as this intangible part of information security that is always “too” something—too costly, too much effort, too difficult to qualify. But word on the street is that a little bit of awareness is worth its weight in salt, so why are there so many varying perspectives on precisely “how” to implement a security awareness program? The answer is simple: If the streets are talking, shouldn’t someone be listening?

Do you have a plan for your future? Why not? You are the leader of your own destiny! You need to look at where you are, where you want to go, and have a plan to get there. We will talk about how to develop a plan, what to think about, and how to put one foot in front of the other to get to your end goal. We will also talk about how to manage up to your boss to get what you need to help you in your own career. Col. Mark Gelhardt made it to The White House managing his own career, and stood next to the President of the United States. He will tell you how he did it; if he can do it, so can you!

1:15 pm

Panel: Building a Better Mouse Trap (Emerging Threats)

Registration Level:

Open Sessions

1:15 pm - 2:15 pm

To be successful, as an industry, we must strive to get ahead of the bad guys. Easy enough to say but how? By taking a look at the capabilities of the threats we see today we should be able to make some educated guesses on what threats of tomorrow will look like. We know the bad guys don’t follow the rules, take the path of least resistance, and don’t care who they hurt in the process. We need to start thinking like them so that we can figure out what their next step is instead of guessing/hoping.

1:15 pm

Panel: You’ve Got Burned! Now What? (Incident Response)

Registration Level:

Open Sessions

1:15 pm - 2:15 pm

We’ve all heard the adage that it’s not if it happens but when you are inevitably breached… Do you have a plan? Even a framework to go off of? What do you include? Who do you include? How often should you be practicing this plan? Join our experts as they discuss incident response plans, who should be involved, best practices, and pitfalls.

2:15 pm

Conference Break / Exhibitor Product Demonstration

Registration Level:

Open Sessions

2:15 pm - 3:00 pm

Location / Room: SecureWorld Exhibitor Floor

Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

The number of cyber startups is growing exponentially, with 4300+ cybersecurity companies worldwide including several private “unicorns”. With so many startups engaged in helping organizations achieve cybersecurity outcomes, how do organizational decisionmakers think about the risks involved in working with them? A panel of CISOs will share their expectations of and experiences with cybersecurity startups, including how they use solutions from startups to meet existing and emerging cybersecurity challenges.

It is often said that true knowledge must be gained through experience; either through one’s own life or through others. Join this opportunity to hear from women who bring perspectives from diverse industries (retail, financial, healthcare, utilities) as they share their different experiences as women living the information security career journey.

3:00 pm

InfraGard Chapter Meeting and Presentation - Open to all Attendees

Topic: When Does a Data Theft Incident Qualify as a Reportable Data Breach?

Join InfraGard for their chapter meeting and guest presentation. This opportunity is open to all attendees.Presentation:
Upon discovering that a data theft incident has occurred, a significant question arises: Is there an obligation to report the data theft incident, to victims and authorities, as a data breach? The “encryption exception” that is within the GDPR and many US laws indicates that if the data was encrypted when stolen, there has not been a breach and so reporting is not required. This presentation will provide an alternative view: for example, seven different ways that encrypted data may be compromised will be presented. Only by eliminating all seven as possibilities, should you rely on the “encryption exception.”Presentation Level:
GENERAL (InfoSec best practices, trends, solutions, etc.)

The largest cause of publicly disclosed security breaches in cloud environments continues to be poor security hygiene. Public cloud adoption is expanding at a mammoth pace. The absence of a physical network boundary to the internet, combined with the risk of accidental exposure by users with limited security expertise, increases the attack surface in the public cloud. Security governance is challenging in public cloud environments due to the lack of visibility and control over agile changes.

3:00 pm

SecureWorld PLUS Part 2 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework

The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

This innovative education and training program includes the following key elements:

An introduction to the key components of the NIST Cybersecurity Framework

How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy

An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications

How to use the framework to protect critical information assets

A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program

A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

The class will help individuals and organizations acquire knowledge, skills and abilities to:

Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment

Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework

Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed

Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps

Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps

Identify required workforce skills and develop career pathways for improving skills and experience

About the Instructor – Larry Wilson:

Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017

Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation

Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years

Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

In today’s world not knowing how your company will respond when it has a breach is negligent. The last thing you want to do is be caught unprepared when the highly likely, but always untimely, event occurs. Businesses of all sizes need to have an incident response plan! Do you? Do you know where to start? If not, this session is for you. In Part 1 of our session will focus on building basic prevention and monitoring capabilities in order to detect incidents. In Part 2 we will focus on building the appropriate incident response plan for your company. Part 3 we will focus on putting the plan in action and building resiliency.

3:45 pm

Casino Happy Hour

Join us for the Casino After Party: Networking, Games, Prizes, Drinks, and Snacks

Join your peers at 3:45 p.m. in the Exhibit Hall for beverages and snacks. Test your luck at Blackjack, Roulette, and Craps. Hand the voucher you receive at registration to one of the participating exhibitors to get started with $1,000 and win big for your chance at some cool prizes!

Thursday, October 10, 2019

7:00 am

Registration Open

Registration Level:

Open Sessions

7:00 am - 3:00 pm

Location / Room: Registration Desk

8:00 am

SecureWorld PLUS Part 3 - Designing and Building a Cybersecurity Program based on the NIST Cybersecurity Framework

The University of Massachusetts has developed a 6 hour SecureWorld Plus training class that instructs attendees on the best practices for designing, building, and maintaining a Cybersecurity Program based on the NIST Cybersecurity Framework. Organizations who currently use the Framework or are planning to use the Framework for their cybersecurity program will benefit from this course.

This innovative education and training program includes the following key elements:

An introduction to the key components of the NIST Cybersecurity Framework

How to use the Framework to support business strategy, technology strategy, and cyber-risk strategy

An approach for adopting the framework to build and sustain secure and resilient infrastructure, secure and resilient networks, secure and resilient applications

How to use the framework to protect critical information assets

A Controls Factory Model that organizations use to create an Engineering Program, a Technical Program and a and Business / Management Program

A methodology for developing a Cybersecurity Strategy, System Security Plan (SSP), Risk Assessment, Plan of Action and Milestones (POA&M) and Executive Report

The class will help individuals and organizations acquire knowledge, skills and abilities to:

Develop a strategy to apply the NIST Cybersecurity Framework (NCSF) to their environment

Create a comprehensive System Security Plan (SSP) based on the NIST Cybersecurity Framework

Conduct a Risk Assessment to compare the current profile with the target profile and identify any gaps that need to be addressed

Develop a Plan of Action and Milestones (POA&M) to mitigate the highest priority gaps

Establish an Executive Report to measure and communicate current profile, target profile, POA&M and program plan / roles and responsibilities to remediate identified gaps

Identify required workforce skills and develop career pathways for improving skills and experience

About the Instructor – Larry Wilson:

Larry Wilson is the former CISO for UMass President’s Office from 2009 to 2017

Prior to UMass, Larry developed and managed the Global Infrastructure Services (GIS) Security Program for State Street Corporation

Larry has been teaching cybersecurity courses based on the NIST Cybersecurity Framework at SecureWorld events for the past 5 years

Larry has conducted over 20 consulting engagements, helping organizations design and build cybersecurity programs based on the NIST Cybersecurity Framework

In today’s world not knowing how your company will respond when it has a breach is negligent. The last thing you want to do is be caught unprepared when the highly likely, but always untimely, event occurs. Businesses of all sizes need to have an incident response plan! Do you? Do you know where to start? If not, this session is for you. In Part 1 of our session will focus on building basic prevention and monitoring capabilities in order to detect incidents. In Part 2 we will focus on building the appropriate incident response plan for your company. Part 3 we will focus on putting the plan in action and building resiliency.

Your financial institution has been hacked and is now on the evening news. Customers, board members, the press, and regulators are hounding you by the minute. How do you recover step-by-step as CIO/COO/CISO? This session covers data breach nightmares during pre-attack, attack-in-motion, and post-attack scenarios. What are the key steps in starting the recovery of business operations with everyone demanding quick action? Next in line is the enforcement actions from the regulator: what are the necessary turnaround actions and road-maps? Gain real-world insider views on turning around a horrible situation.Presentation Level:MANAGERIAL (security and business leaders)

Your organization is required to implement a continuity plan but they can be complex and time consuming. Perhaps you are wondering where to start, and your organization is pressing you to innovate and leverage efficiencies. Cyber attacks are inevitable and can cause serious harm to your organization’s availability. Join Michael Smith and James Carpenter as we walk through important planning steps for building and implementing your continuity plan.

Pedro will discuss his lessons learned in security awareness. He works in a very traditional Oil And Gas Exploration company, and from the production point of view, security awareness was the last thing anyone wanted to talk about. Pedro was able to change the culture, and ultimately behavior, by relating security awareness to their home use. He made it personal and relevant to the employee, that got attention. Once you have their attention, then you can start changing their behavior.

9:00 am

Exhibit Floor Open

Registration Level:

Open Sessions

9:00 am - 3:00 pm

Location / Room: SecureWorld Exhibitor Floor

This is the time to visit exhibitors participating in Dash For Prizes & CyberHunt for your chance to win prizes!

9:30 am

[OPENING KEYNOTE] Everything You Wanted to Know About a Ransomware Attack, but Were Afraid to Ask

This presentation will focus on lessons learned from a real ransomware attack and what to consider before, during, and after the attack. The audience take-away will include a thought-provoking list of resources and protection measures that will better prepare any organization.

10:15 am

Conference Break / Exhibitor Product Demonstration

Registration Level:

Open Sessions

10:15 am - 11:15 am

Location / Room: SecureWorld Exhibitor Floor

Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

Legal obligations attach when a data privacy or security incident occurs. An important component to responding to any data incident requires analysis of various international, state, and sectoral laws and regulations applicable to a given incident. This discussion will highlight the current and future legal climate of incident response.

Cyber liability insurance was conceived to help organizations recover from the devastating effects of a cyber attack, but are they actually fulfilling that purpose? While cyber insurance underwriters are requiring policy seekers to fill out risk assessment surveys and have offered resources to clients to help mitigate cyber risk, the daunting burden of proof is still placed on the insured to prove lack of negligence. What has to happen for insurers and their clients to agree upon third party risk assessment tools to create a more equitable cost vs. coverage framework? How can businesses regain control of their risk valuations?

This presentation will cover three major areas of concerns when developing reporting for the board of directions. The first is assurance testing and reporting of the results so that the board is confident that the program is operating as promised. The second is an overview of current laws in the financial sector and other industries, including some that require board-level reporting. Finally, we will discuss what goes into the board package and how it should be presented.Presentation Level: MANAGERIAL (security and business leaders)

Two-thirds of all major data breaches can be traced to an external third party of some kind. In addition, more and more regulations are focusing on third parties, as well. Business partners, suppliers, service providers, auditors, consultants, outside counsel firms, and more all add to a company’s cyber and compliance risk. Effectively assessing and managing these third-party risks is now more important than ever.Presentation Level:GENERAL (InfoSec best practices, trends, solutions, etc.)

In twenty years of practicing cyber law, Shawn Tuma has seen a multitude of real-world cybersecurity and data breach cases. He will share his experience on:
· Why cybersecurity is an overall business risk that must be properly managed to comply with laws and regulations
· Why strategic leadership is critical in cybersecurity
· Why teams are critical for cybersecurity and are affected by personalities and psychology
· How to prioritize limited resources to effectively manage the most likely real-world risks
· How to achieve reasonable cybersecurity
· Why cyber insurance is a critical component of the cyber risk management process

1:15 pm

Panel: Shifting Landscape of Attack Vectors

Registration Level:

Open Sessions

1:15 pm - 2:15 pm

If one thing holds true in cybersecurity it is the fact that our adversaries are pretty smart. They are. To be fair, they only have to be right once in a while. These cyber thugs are constantly shifting their attack vectors to better infiltrate our networks. There are so many endpoints to cover that the “bad guys” can try something new all the time. They have also discovered that we do not have great cyber hygiene when it comes to training our workforce. End users continue to be the “weakest link” within an organization as we’ve learned from all the ransomware attacks and business email compromises of late. This panel will talk about the shift in attack vectors and make some predictions about what to watch out for in the not too distant future.

1:15 pm

Panel: The Battle for the Endpoint Continues (Endpoint Security)

Registration Level:

Open Sessions

1:15 pm - 2:15 pm

What are you doing to keep the network safe for your employees? You’ve got your fancy next-gen firewall and some A/V. Maybe even some biometrics or 2FA thrown in for safekeeping. We also keep hearing the IAM acronym thrown around. And what is Zero Trust? What are you missing? Oh, yeah… remote workers and IoT. Wouldn’t it be cool if you had someone to ask? Now you do. This panel will go through these questions and more. Join the group discussion as we address the challenges in endpoint and network security.

2:15 pm

Conference Break / Exhibitor Product Demonstration

Registration Level:

Open Sessions

2:15 pm - 3:00 pm

Location / Room: SecureWorld Exhibitor Floor

Reboot with coffee and infused water while visiting exhibitors on the exhibitor floor.

2:30 pm

Dash for Prizes & CyberHunt

Registration Level:

Open Sessions

2:30 pm - 2:45 pm

Location / Room: SecureWorld Exhibitor Floor

Be sure to have exhibitors scan your badge for a chance to win prizes. Past prizes have included Kindles, Bose headphones, gift cards, iPads, iPods and more! *Must be present to win

3:00 pm

Third-Party Risk: Creating and Managing a Program that Works!

Registration Level:

Conference Pass

3:00 pm - 3:45 pm

Every organization is concerned with third-party risk. No one wants to be the next Target breach. This session will examine the components of third-party risk management and give you some leading practices on how to develop a workable and sustainable process.

The technology IoT (Smart) revolution is moving at lightning speed in positive helpful ways freeing humans from burdensome everyday tasks. On the other hand, the threat landscape for these technological advances is far more sinister then most realize. It extends from Satellites in space into every personal and corporate network. It extends from any device manufactured, because although we may buy devices at places like AT&T and Verizon, the sensors, parts and semiconductors along with the firmware and Apps or software could be manufactured and/or assembled anywhere in the world. A well-known example of this occurred in August 2018 when cybersecurity researchers from Chinese firm Tencent’s Blade exploited various vulnerabilities they found in the Echo smart speaker, briefly turning it into an eavesdropping device.

3:00 pm

Time to Get Re-Married: Turns Out, Privacy and Cybersecurity Are Still in Love!

Cybersecurity and privacy have been divorced for some time now, with organizations splitting responsibilities: cyber/information security responsibilities lie with the technical teams, and privacy generally resides with the legal teams. Unfortunately, this split has been disastrous, mostly for the general public! In this session, we will discuss how forward thinking companies are re-marrying their cybersecurity and privacy programs to create a more holistic plan for data security and privacy—hopefully, to live happily ever after.Presentation Level:GENERAL (InfoSec best practices, trends, solutions, etc.)

Keynote & Speaker Information

SecureWorld Dallas

October 9-10, 2019

Exhibitors

ACP

Booth: 180

ACP is the premier organization for business continuity professionals providing a powerful networking and learning environment for ACPits members. Known for its progressive programs, workshops and symposiums, the organization has become a unifying force in defining and leading the continuously evolving fields of business continuity, disaster recovery, and emergency response (the “profession”). The Organization is strategically aligned with business partners such as DRI International, and BC Management, as well as our corporate sponsors. With a strong presence in North America, ACP has 42 chapters and over 2,300 members. We welcome all individuals, regardless of experience or certification, with an interest in the Profession.

Founded in 1983, we are an established community of industry experts, educators, practitioners, leaders, facilitators and advocates. Our members view us as connectors and as a vital networking source.

Whiteboard Venture Partners is building this exclusive community to help cybersecurity startups engage/collaborate with security innovation stakeholders.

Cloud Security Alliance (CSA)

Booth: 410

The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders.

In a world where preventing all cyberattacks is impossible, Comodo Cybersecurity delivers an innovative cybersecurity platform that renders threats useless, across the LAN, web and cloud. The Comodo Cybersecurity platform enables customers to protect their systems and data against even military-grade threats, including zero-day attacks. Based in Clifton, New Jersey, Comodo Cybersecurity has a 20-year history of protecting the most sensitive data for both businesses and consumers globally.

EC-Council

Booth: 700

International Council of E-Commerce Consultants, also known as EC-Council, is the world’s largest cyber security technical certification body. We operate in 140 countries globally and we are the owner and developer of the world-famous Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Testing (Practical) programs, among others. We are proud to have trained and certified over 140,000 information security professionals globally that have influenced the cyber security mindset of countless organizations worldwide.

InfraGard North Texas

Booth:

The primary purpose of the InfraGard North Texas Members Alliance is to assist in increasing the security of the United States national infrastructures through ongoing exchanges of information relevant to infrastructure protection and through education, outreach, and similar efforts. In addition to the benefits offered by the national InfraGard organization, there are several ways our local chapter accomplishes these objectives, including:

Partnerships and discounts to training offerings with other organizations such as ISSA and SecureWorld

Networking opportunities with peers within and across all sectors

(ISC)2 Dallas-Fort Worth

Booth: 140

The Dallas-Fort Worth Chapter of (ISC)2 is based in the DFW area and serves the counties of the Dallas-Fort Worth Metroplex. Members include those with security certifications from (ISC)2 as well as other professionals practicing or interested in information, software and communications security. Our mission is to advance information security in the DFW area by providing our members and other security professionals with the opportunity to share knowledge, grow professionally, educate others, and collaborate on projects. Our chapter programs provide members a forum to facilitate the exchange of knowledge and ideas, development of leadership and professional skills, and advancement of information systems security. We also provide our members with access to a variety of industry resources and educational programs to keep them up to date with the latest advances in technology as well as information assurance.

ISSA: North Texas

Booth: 600

The Dallas/Fort Worth area has many large corporations, government organizations, and educational institutions. Our membership comes from the network and information systems professionals of these organizations and institutions, as well as vendors of security products. We seek to provide our members with access to information and resources to assist their employers in securing critical information resources. Our monthly luncheon meetings, conferences, and other resources are available to members and non-members alike to assist in educating security practitioners of all types.

ISSA Fort Worth

Booth: 340

The Information Systems Security Association (ISSA)® is a not-for-profit, international organization of information security professionals and practitioners. It provides educational forums, publications, and peer interaction opportunities that enhance the knowledge, skill, and professional growth of its members. Learn more at the ISSA, International website. The Fort Worth Chapter of ISSA brings all of the benefits of International membership, along with opportunities for experiencing great speakers, local networking, earning CPEs, job prospecting and more.

Ixia, a Keysight Business

Booth: 630

We provide testing, visibility, and security solutions to strengthen applications across physical and virtual networks. Organizations use our tools and capabilities to test, secure and visualize their networks so their applications run stronger.

Mimecast’s security, archiving and continuity cloud services protect business email and deliver comprehensive email risk management in one fully-integrated subscription service. Mimecast reduces the risk, complexity and cost traditionally associated with protecting email. You no longer have to manage an array of disjointed point solutions from multiple vendors. And you mitigate single vendor exposure if you have moved your primary email server to the cloud with services like Microsoft Office 365.
Our best-of-breed services protect the email of over 24,900 customers and millions of users worldwide against targeted attacks, data leaks, malware and spam. We give employees fast and secure access to sensitive business information, and ensure email keeps running in the event of a primary service outage.

RIMS

Booth: 160

The Dallas Fort Worth RIMS Chapter is among the largest most active chapters in the world, making a global and local difference regarding the importance of Risk Management.

Security Innovation

Booth: 100

For almost two decades, global clients have trusted Security Innovation to help them learn how to defend software applications and sensitive data from cyber-threats and attacks. We understand the challenges facing today’s enterprise, where reputation and customer trust is on the front lines. That’s why we continually work to discover and overcome the latest security threats with our Centers of Excellence, and integrate this knowledge into every training and assessment solution we deliver.

TechTarget

Booth:

TechTarget (NASDAQ: TTGT) is the online intersection of serious technology buyers, targeted technical content and technology providers worldwide. Our media, powered by TechTarget’s Activity Intelligence platform, redefines how technology buyers are viewed and engaged based on their active projects, specific technical priorities and business needs. With more than 100 technology specific websites, we provide technology marketers innovative media that delivers unmatched reach via custom advertising, branding and lead generation solutions all built on our extensive network of online and social media. TechTarget is based in Boston and has locations in Atlanta, Beijing, Cincinnati, London, Paris, San Francisco, Singapore, and Sydney.

Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

Mary N. Chaney, Esq., CISSP, has over 20 years of progressive experience within the fields of Law, Information Security, Privacy and Risk Management. She graduated from Xavier University in Cincinnati, Ohio with her B.S.B.A in Information Systems and received her J.D. degree from Thurgood Marshall School of Law.
Ms. Chaney spent several years practicing law in Washington, DC focusing primarily on anti-trust and intellectual property rights infringement cases. She then transitioned to serve her country by becoming a Special Agent for the Federal Bureau of Investigation (FBI) where she investigated cybercrime and served as their Information Systems Security Officer.
Ms. Chaney obtained her Certified Information Systems Security Professional (CISSP) certification in 2008. In her corporate career, she has held senior level information security roles with Comcast, Johnson & Johnson and GE Capital.
Voluntarily, Ms. Chaney is the Chairman and CEO of Minorities in Cybersecurity, Inc. which focuses on leadership and career development for minorities and women. Ms. Chaney also holds advisory board roles for the Cyber Law Consortium, Post University and ChickTECH. In each of her volunteer endeavors Ms. Chaney strives to improve the cyber security and privacy community by ensuring both students and professionals have the resources they need to excel in their careers.
Academically, Ms. Chaney is an adjunct professor with the University of Cincinnati where she teaches courses to assist with the development of the next generation of cybersecurity professionals.
Professionally, Ms. Chaney owns her own cyber security law practice, The Law Offices of Mary N. Chaney, P.L.L.C., The Cyber Security Law Firm of Texas, where she specializes in helping, the Board of Directors, CIO, CISO and General Counsel of any company, understand each other and to legally protect the enterprise from cyber security risk.

Dr. Nobles is a Cybersecurity Scientist and practitioner with more than 25 years of experience. He teaches cybersecurity at several universities. He recently retired from the Navy and is currently employed in the Financial and Services Industry. Dr. Nobles is a Cybersecurity Policy Fellow with the New America Think Tank. He authored a book on the integration of technologically advanced aircraft in general aviation. His personal story is featured in the book, Black Men Changing the Narrative Through Education. Dr. Nobles serves as Chairman, of a Cybersecurity Technology Advisory Board and on the Intelligence and National Security Alliance Cyber Council. He has fulfilled various executive-level positions as a cybersecurity professional.

Jeff Wilbur is the Technical Director of the Internet Society’s Online Trust Alliance. He is responsible for integrating, developing, and extending the OTA initiative within the Internet Society’s overall mission and objectives. He has over 25 years of experience in high technology, all focused on bringing new, industry-transforming communications technologies to market. He has been involved at the founding stages of Ethernet, routing, switching, VOIP, unified messaging, and email authentication and services in both startups and Fortune 500 companies. Jeff has a technical and business background with a Master’s Degree in Engineering from Stanford.

Bill Meredith

Cloud Security Engineer, Charles Schwab

Bill Meredith has over 25 years of experience designing, implementing, and supporting IT solutions for large enterprises, of which 10 years have been in the cybersecurity area. He is a cybersecurity professional with experience across a diverse set of cyber domains and industries such as Cloud Security, Financial, Forensics Investigation, Technology, Industrial, Commercial Web, Consumer Retail, Product Distribution, Shipping Logistics, and Manufacturing. Bill has a Bachelor's degree in Accounting, a Bachelor's degree in Computer Information Systems, and a MBA from the University of Louisville. He currently holds the CISSP, CCSP, CCSK, and AWS Cloud Practitioner certifications.

Patrick is an Advisory CISO and formerly the Deputy CISO for Cheetah Digital. He is a security and privacy executive, writer, speaker, knowledge provider and seeker. He has been an Executive Business Partner at Experian; a Customer Delivery Executive and Service Delivery Leader at Dell; and owned a technology consulting company. He is certified as C/CISO, CISM, CISSP, CRISC, PMP, ITIL Expert, and Lean Six Sigma Black Belt. He is a pilot and flight instructor. He studies and teaches Aikido, rides motorcycles, and his favorite teaching is “From Chaos Comes Greatness,” a loose translation from the “I Ching."

Chris McMahon is a Special Agent for the United States Secret Service. Prior to joining the Secret Service, Chris was a Prince George’s County, MD Police Officer. Chris is a well-seasoned criminal investigator specializing in cyber-enabled financial fraud, money laundering, credit card/ID fraud among other crimes. Chris began his Secret Service career out of the New York Field Office spending time between the Fraud Squad and Electronic Crimes Task Force where he earned the designation NITRO Agent for specialized training in network intrusions. While in the New York Field Office, Chris ran point on several large-scale multi-national criminal investigations targeting transnational organized crime groups. Chris is currently assigned to the U.S. Secret Service, Global Investigative Operations Center (GIOC) where he specializes in Business Email Compromise schemes and account takeovers focusing on the international nexus of cyber-enabled financial crime.

Paola Saibene is the VP of Enterprise Risk Management at American Heart Association. She has been a CIO, CTO, and CSO of large organizations, and has worked in private, non-profit, and government sectors.

Dominick Frazier is a security professional with over 13 years of security experience with his current role being in Information Technology/Cyber-Security. In his current role he serves as the Security Awareness & Communication Manager responsible for the conversation around security between technical and non-technical teams, which extends to both employees and clients. Given his tenure in security, he has robust knowledge of the information technology and physical security sector including applicable regulations and frameworks.

Colonel Mark Gelhardt is a retired Army combat veteran. While in the Army, Mark was selected to be the Chief Information Officer for The White House, supporting President Clinton with secure Automation and Telecommunication for over four and half years. Mark has over 40 years of experience in providing executive level management in Information Technology and Cybersecurity fields as a CTO, CSO, CIO, and CISO for several global companies. He is currently the VP of Global Technology Governance for US Bank. Mark is a published author and well-known keynote speaker.

As Vice President, Chief Security Officer (CSO) at MedeAnalytics, Cindi oversees global enterprise security. Her mission encompasses creating a culture that places high value on securing and protecting MedeAnalytics and the clients’ information entrusted to them. Cindi has built and matured both cyber and physical security practices at The University of Michigan Health System and Cerner Corporation. More recently, Cindi served as the Deputy Chief Information Security Officer at Blue Cross and Blue Shield of Kansas City. Cindi is the founding President of Women in Security-Kansas City, a non-profit organization with the mission to support women at all career levels in Information Security, and serves as an Advisory Board member within the security industry.

Kelce Wilson

General Counsel, InfraGard North Texas

Kelce S. Wilson was in the U.S. Air Force, both active duty and reserves, retiring as a Lieutenant Colonel. He has a B.S., M.S. and PhD in electrical engineering, an M.B.A., a J.D., US PTO patent practitioner registration, and is a certified privacy professional with CIPP-US, CIPP-E, and CIPM. During his military and engineering career he worked in cryptography, radar and jamming, low observable (stealth) aircraft, and cybersecurity testing (white hat hacking). As an attorney, he has worked in patent litigation, licensing, and prosecution, and also privacy & security matters, including both breach prevention and response.

Bill is an Information Technology professional with 30 years' experience in IT Security, Fraud investigation, Information Security, and Risk Assessment processes. He is a member of the team responsible for Information Security architectural work around Public Cloud Adoption. He has worked in the Information Technology space for 30 years, starting as a bench technician and working and learning his way up to Information Security Management. Bill is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) and Certified in Risk and Information Systems Controls (CRISC).

Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

Mary N. Chaney, Esq., CISSP, has over 20 years of progressive experience within the fields of Law, Information Security, Privacy and Risk Management. She graduated from Xavier University in Cincinnati, Ohio with her B.S.B.A in Information Systems and received her J.D. degree from Thurgood Marshall School of Law.
Ms. Chaney spent several years practicing law in Washington, DC focusing primarily on anti-trust and intellectual property rights infringement cases. She then transitioned to serve her country by becoming a Special Agent for the Federal Bureau of Investigation (FBI) where she investigated cybercrime and served as their Information Systems Security Officer.
Ms. Chaney obtained her Certified Information Systems Security Professional (CISSP) certification in 2008. In her corporate career, she has held senior level information security roles with Comcast, Johnson & Johnson and GE Capital.
Voluntarily, Ms. Chaney is the Chairman and CEO of Minorities in Cybersecurity, Inc. which focuses on leadership and career development for minorities and women. Ms. Chaney also holds advisory board roles for the Cyber Law Consortium, Post University and ChickTECH. In each of her volunteer endeavors Ms. Chaney strives to improve the cyber security and privacy community by ensuring both students and professionals have the resources they need to excel in their careers.
Academically, Ms. Chaney is an adjunct professor with the University of Cincinnati where she teaches courses to assist with the development of the next generation of cybersecurity professionals.
Professionally, Ms. Chaney owns her own cyber security law practice, The Law Offices of Mary N. Chaney, P.L.L.C., The Cyber Security Law Firm of Texas, where she specializes in helping, the Board of Directors, CIO, CISO and General Counsel of any company, understand each other and to legally protect the enterprise from cyber security risk.

Larry Wilson is currently a senior consultant and former Chief Information Security Officer for the University of Massachusetts President's Office. In the CISO role, Larry was responsible for developing, implementing and overseeing compliance with the UMass Information Security Policy and Written Information Security Plan (WISP). In addition to designing and deploying the UMass cybersecurity program, Larry has developed and delivered cybersecurity training at multiple industry events, workshops, training venues, etc. Courses include Designing and Building a Cybersecurity Program, The NIST Cybersecurity Framework Foundations, The NIST Cybersecurity Framework Practitioners, Engineering, Technology and Business Labs and Workshops based on the NIST Cybersecurity Framework, etc. Larry has also worked with multiple companies in multiple industries to help design, build and maintain their Cybersecurity Programs and evaluate their current security posture.

Mary N. Chaney, Esq., CISSP, has over 20 years of progressive experience within the fields of Law, Information Security, Privacy and Risk Management. She graduated from Xavier University in Cincinnati, Ohio with her B.S.B.A in Information Systems and received her J.D. degree from Thurgood Marshall School of Law.
Ms. Chaney spent several years practicing law in Washington, DC focusing primarily on anti-trust and intellectual property rights infringement cases. She then transitioned to serve her country by becoming a Special Agent for the Federal Bureau of Investigation (FBI) where she investigated cybercrime and served as their Information Systems Security Officer.
Ms. Chaney obtained her Certified Information Systems Security Professional (CISSP) certification in 2008. In her corporate career, she has held senior level information security roles with Comcast, Johnson & Johnson and GE Capital.
Voluntarily, Ms. Chaney is the Chairman and CEO of Minorities in Cybersecurity, Inc. which focuses on leadership and career development for minorities and women. Ms. Chaney also holds advisory board roles for the Cyber Law Consortium, Post University and ChickTECH. In each of her volunteer endeavors Ms. Chaney strives to improve the cyber security and privacy community by ensuring both students and professionals have the resources they need to excel in their careers.
Academically, Ms. Chaney is an adjunct professor with the University of Cincinnati where she teaches courses to assist with the development of the next generation of cybersecurity professionals.
Professionally, Ms. Chaney owns her own cyber security law practice, The Law Offices of Mary N. Chaney, P.L.L.C., The Cyber Security Law Firm of Texas, where she specializes in helping, the Board of Directors, CIO, CISO and General Counsel of any company, understand each other and to legally protect the enterprise from cyber security risk.

Eddie Ho

Former CIO & COO, Los Alamos National Bank

Eddie Ho is the former COO and CIO for Los Alamos National Bank in New Mexico and CIO and CISO at OmniAmerican Bank in Texas. Prior to banking leadership roles, Eddie was in Technology Risk Management, cyber security, and Enterprise Architecture for IBM, Dell, Grant Thornton, and Blockbuster. Eddie is a board member for ePayAdvisors and is a frequent speaker for banking and finance industries. Eddie is the author of a network technology book and frequent contributor to industry publications. Eddie holds a BS from the University of Wisconsin, an MS in Computer Science from North Dakota State University, and holds CIPP, CISA, CISM, CGEIT, and CISSP certifications.

Michael Smith

Sr. Information Systems Auditor, Parkland Health & Hospital System

Michael R. Smith, MBA, CISSP, CFE, CISA, CIA, PMP, ITIL, is a Healthcare Information Technology Professional with over thirty years of IT experience. Michael is a Sr. I.S. Auditor at Parkland in Dallas Texas specializing in performing information security assessments and audits focused around IT governance and regulatory compliance.

James Carpenter is a Healthcare Information Technology & Security Professional with 20 years of IT leadership experience. James is currently the Director of Information Technology & Security for Texas Scottish Rite Hospital for Children in Dallas, Texas. Over the course of his career James has created and led healthcare information security teams and helped organizations successfully navigate the complex and ever-changing landscape of security and technology. James has been responsible for strategic design of information security programs, implementation of key enterprise information security technologies such as DLP, IDM/IAM, eDiscovery, MDM, and the teams and processes that support successful integration. James is a CISSP, CISM, and CISA and holds a Master’s degree in Strategic Leadership from Amberton University.

Pedro Serrano has over 35 years of experience managing and installing technical controls in networks around the world, 20 of those in military systems. He is the CISO for Grand River Dam Authority and Professor at his local University teaching infrastructure systems, security controls, and networking. Pedro has two postgraduates degrees one in Telecommunications Management from Oklahoma State University and the other in Computer Science from Tulsa University. Pedro serves as the President of the Information System Security Association (ISSA) chapter in Tulsa, Oklahoma and holds the CISSP certification from ISC2.

Mark is currently serving as the Chief Information Security Officer at Supreme Lending. Prior to Supreme Lending, Mark Served as the CISO at Prime Lending, Head of Information Security at MetroPCS (a T-Mobile division), VP of Information Technology and VP of Information Security at InCharge Institute, Head of NEC Information Security Consulting practice covering the US and the Caribbean. Prior to NEC, Mark co-founded Network Audit Systems, which was acquired by Armor Holdings, a NYSE global threat mitigation leader, where he served as a CTO. Prior experience included serving as the first Head of Information Security at Niagara Mohawk Power Corporation with responsibility for program development covering Corporate, Fossil, Hydro and Nuclear division protections. Mark is a graduate of State University of New York with a BS in Business Management and attanded the Harvard Business School Executive Education Program.

As a cybersecurity and data privacy attorney in the Dallas office of Spencer Fane LLP, Jeremy Rucker has assisted companies of all sizes in responding to data security and privacy incidents. The expertise of Jeremy and his Spencer Fane colleagues cover several industries including healthcare, banking and finance, insurance, energy, transportation, and manufacturing.

Mark is the Founder and Principal Consultant at Aberfoyle Associates, a Plano based cybersecurity consulting firm. Mark is a Board Member of the North Texas ISSA, was recently inducted into Infragard, and is called upon periodically to speak at cybersecurity industry events. He holds a Bachelor’s Degree in Management from Clemson University and a Master's Degree in Telecommunications Management from Oklahoma State University.

Jason Edwards has over 20 years of IT/Cybersecurity experience and currently works for USAA researching, developing and executing enterprise cybersecurity assurance testing. Jason is a 22-year veteran of the US Army and has served multiple tours of duty in Iraq, Afghanistan, and elsewhere. Jason is currently awaiting final approval for his doctoral dissertation in cybersecurity with a focus on ‘Regulatory Cybersecurity Testing of Large Financial Institutions.’ Jason and his family enjoy living in San Antonio and spending time outdoors. Jason is married to Selda, and they have 4 children, Michelle (21), Chris (19), Ceylin (9) and Mayra (7).

KC Condit has been an information security practitioner and IT leader for 30 years with a diverse resume including hospitality, financial services, retail, and private, post-secondary education. He is currently the CISO for G6 Hospitality, LLC, and is responsible for information security, data privacy, IT risk management, and IT compliance for the Motel 6 and Studio 6 brands in the U.S. and Canada along with the Hotel 6 brand in India. Since 2011, KC has made 3rd party risk management an area of particular focus, developing low-cost approaches and creative, risk-based solutions.

Shawn Tuma is an internationally recognized cybersecurity, computer fraud and data privacy law attorney, areas in which he has practiced for two decades. He is Co-Chair of Spencer Fane’s Data Privacy & Cybersecurity Practice where he regularly serves as cybersecurity and privacy counsel advising a wide variety of businesses ranging from small and mid-sized companies to Fortune 100 enterprises. Shawn has been named a Cybersecurity Law Trailblazer by the National Law Journal, SuperLawyers Top 100 Lawyers in DFW, and Best Lawyers in Dallas. He serves as the Practitioner Editor for Bloomberg Law’s Texas Privacy & Data Security Law, among many other activities.

Robin Austin

CTO / CISO, Colliers Group

As a CTO/CISO, Robin is responsible for overseeing all technical aspects of the company including Cyber Security, Risk and Compliance. Using an active and practical approach, Robin oversees all employees in IT, IO and OT departments to attain the company's strategic goals established in the company's digital strategic plan. Robin has also built several successful technology companies like Cyber Defense Resources providing additional lines of revenue for the company. As a critical thinker and Technology Evangelist, Robin publishes articles and books on disruptive technology in AI/ML and cryptography and acts as Fortune 1000 C-Suite Executives Trusted Advisor.

Mary N. Chaney, Esq., CISSP, has over 20 years of progressive experience within the fields of Law, Information Security, Privacy and Risk Management. She graduated from Xavier University in Cincinnati, Ohio with her B.S.B.A in Information Systems and received her J.D. degree from Thurgood Marshall School of Law.
Ms. Chaney spent several years practicing law in Washington, DC focusing primarily on anti-trust and intellectual property rights infringement cases. She then transitioned to serve her country by becoming a Special Agent for the Federal Bureau of Investigation (FBI) where she investigated cybercrime and served as their Information Systems Security Officer.
Ms. Chaney obtained her Certified Information Systems Security Professional (CISSP) certification in 2008. In her corporate career, she has held senior level information security roles with Comcast, Johnson & Johnson and GE Capital.
Voluntarily, Ms. Chaney is the Chairman and CEO of Minorities in Cybersecurity, Inc. which focuses on leadership and career development for minorities and women. Ms. Chaney also holds advisory board roles for the Cyber Law Consortium, Post University and ChickTECH. In each of her volunteer endeavors Ms. Chaney strives to improve the cyber security and privacy community by ensuring both students and professionals have the resources they need to excel in their careers.
Academically, Ms. Chaney is an adjunct professor with the University of Cincinnati where she teaches courses to assist with the development of the next generation of cybersecurity professionals.
Professionally, Ms. Chaney owns her own cyber security law practice, The Law Offices of Mary N. Chaney, P.L.L.C., The Cyber Security Law Firm of Texas, where she specializes in helping, the Board of Directors, CIO, CISO and General Counsel of any company, understand each other and to legally protect the enterprise from cyber security risk.

Conference App and Microsite!

Registration is easy and takes just a few minutes. Once you get started you can use your phone, tablet or internet browser to:

• Create a personalized agenda
• View maps of the venue and Exhibit Hall
• Use secure messaging to network with attendees
• View speaker slides after the conference
• Play CyberHunt, the app game, and compete for prizes

Don't miss out!

Join us for high-quality, affordable cybersecurity training and networking. Sign up today!